Commit Graph

427 Commits

Author SHA1 Message Date
Vinoth Kannan
e7407d0adc FEATURE: Webhook for group and category events 2018-03-27 11:53:35 +05:30
Kyle Zhao
f7bd05e534 FEATURE: set 'Retry-After' header for 429 responses (#5659) 2018-03-13 23:12:41 +08:00
Sam
0134e41286 FEATURE: detect when client thinks user is logged on but is not
This cleans up an error condition where UI thinks a user is logged on
but the user is not. If this happens user will be prompted to refresh.
2018-03-06 16:49:31 +11:00
Guo Xiang Tan
66d620f7b1 FEATURE: Trigger topic webhook when topic status is updated. 2018-02-27 11:07:37 +08:00
scossar
9d0807224b Don't enqueue topic webhook unless a post has a topic 2018-02-22 14:34:59 +08:00
Sam
ca1a3f37e3 FEATURE: add instrumentation for all external net calls 2018-02-21 15:20:29 +11:00
Gerhard Schlager
ce060e2b86 FIX: Server didn't use default_locale as fallback locale 2018-01-25 14:57:41 +01:00
Guo Xiang Tan
54dc191a91 Update rails_multisite to 2.0.1. 2018-01-19 10:19:16 +08:00
Sam
442a17bfb2 PERF: bypass omniauth unless in an auth path 2018-01-15 12:44:54 +11:00
Sam
ea63abf0f7 bypass mini profiler for locales
bypass cdn for now
2018-01-09 11:30:59 +11:00
Arpit Jalan
b205910faa FIX: allow upto three url redirects in onebox (#5457) 2017-12-27 10:30:06 +11:00
Guo Xiang Tan
6c4ee9d5b5 FEATURE: Trigger user webhook when a user logs in/out.
https://meta.discourse.org/t/how-do-you-learn-how-to-build-these-plugins/57946/10?u=tgxworld
2017-12-20 17:47:30 +08:00
Guo Xiang Tan
7d8cd84fa6 Improve lograge custom payload error handling. 2017-12-12 17:27:40 +08:00
Sam
63bdc4056d More log suppressions for rate limit exceeded 2017-12-11 17:52:57 +11:00
Guo Xiang Tan
2ff3444568 Rescue from errors when trying to append custom payloads to lograge output. 2017-12-08 08:31:58 +08:00
Sam
0693ed10d1 remove logging code for now 2017-12-08 08:36:35 +11:00
Vinoth Kannan
58aeaef0c4 FIX: Rescue if default_current_user_provider raised an error 2017-12-08 01:42:55 +05:30
Vinoth Kannan
19247f9087 FIX: current_user should be called only if controller have that method 2017-12-07 23:12:34 +05:30
Sam
90a55d6f7c FIX: handle CORS in hijacked requests 2017-12-07 10:31:04 +11:00
Guo Xiang Tan
6cb2b68b22 current_username -> username. 2017-12-05 12:29:02 +08:00
Guo Xiang Tan
dc858ec120 Include request.remote_ip and current_username in lograge logs. 2017-12-05 11:57:41 +08:00
Guo Xiang Tan
900dec5bc1 Make logster ignore Rack::QueryParser::InvalidParameterError errors. 2017-11-30 15:29:19 +08:00
Guo Xiang Tan
46f8a6c97d Fix broken lograge logs. 2017-11-28 14:00:13 +08:00
Guo Xiang Tan
b907f7d307 Add more metrics to lograge's output if MethodProfiler is enabled. 2017-11-25 08:16:40 +08:00
Sam
2b8d4508e5 PERF: stop running background work between requests
Use a dedicated thread to run Scheduler::Defer

This avoids blocking of a worker during operations that require waiting.

In particular uploads risked blocking a unicorn.

This also add a queue "length" that discourse prometheus consumes.
2017-11-23 15:48:47 +11:00
Guo Xiang Tan
89d9ffa884 EXPERIMENTAL: Allow logs to be shipped via different methods.
See https://github.com/dwbutler/logstash-logger#uri-configuration for
a list of available methods.
2017-11-15 09:11:33 +08:00
Guo Xiang Tan
0d8e9a88c9 FIX: Disable rails_multisite formatter if lograge is enabled. 2017-11-15 09:03:50 +08:00
Sam
86e6732f78 FEATURE: update rails multisite
always allow /srv/status through even if host does not match
2017-11-09 15:40:56 +11:00
Guo Xiang Tan
b840971b77 Convert params hash to a query string instead of a hash when logging. 2017-11-08 15:19:45 +08:00
Guo Xiang Tan
09cee4c315 Don't add time to logs when using logstash formatter. 2017-11-02 14:40:18 +08:00
Guo Xiang Tan
d888d3c54c EXPERIMENTAL: Allow Logstash formatter to be enable for lograge logs. 2017-11-01 08:38:06 +08:00
Guo Xiang Tan
d15068da70 Remove experimental logstash feature.
* We'll most likely be extracting it into a plugin.
2017-10-31 10:15:22 +08:00
Guo Xiang Tan
b8e580b0e0 Set logstash-logger file output to sync. 2017-10-30 20:57:02 +08:00
Guo Xiang Tan
9112d2da3b Add timestamp to lograge output. 2017-10-28 00:46:49 +08:00
Guo Xiang Tan
fba0c9e51e Continue to log to Rails default log file when LogStashLogger is
enabled.
2017-10-28 00:30:11 +08:00
Guo Xiang Tan
8b12a906c6 Fix incorrect URI for LogstashLogger. 2017-10-27 23:52:36 +08:00
Guo Xiang Tan
afdd31473d Add type when shipping logs to logstash. 2017-10-27 23:31:17 +08:00
Guo Xiang Tan
d487be759c EXPERIMENTAL: Allow app to Logstash directly. 2017-10-27 22:56:32 +08:00
Guo Xiang Tan
90d6677d97 EXPERIMENTAL: Allow lograge to be selected as the logging library. 2017-10-27 17:54:45 +08:00
Guo Xiang Tan
d2ac7a9476 Partially revert 4e89d3f778.
* SiteSetting uses DistributedCache which depends on MessageBus.
  Therefore, we need to initialize MessageBus first.
2017-10-12 15:15:24 +08:00
Guo Xiang Tan
23415caecd Print out backtrace as well. 2017-10-12 14:52:18 +08:00
Guo Xiang Tan
4e89d3f778 Only refresh site settings once on initialization. 2017-10-12 14:12:18 +08:00
Guo Xiang Tan
630f7bfba2 Remvoe unused file. 2017-10-12 13:45:00 +08:00
Guo Xiang Tan
69f56e8745 Remove unused file. 2017-10-11 16:05:41 +08:00
Sam
9b4fd0b26b correct multisite issues with scheduler 2017-10-11 18:46:53 +11:00
Guo Xiang Tan
475e86d59e WORKAROUND: Can't reinsert a deleted middleware. 2017-09-25 13:48:59 +08:00
Guo Xiang Tan
3840c50083 Fix logster not ignoring CSRF warnings. 2017-09-25 13:48:59 +08:00
Guo Xiang Tan
77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
David Taylor
7d350d0d75 Revert plugin js changes (#5139)
* Revert "Add disabled_plugins to preloadstore for login_required anonymous users (#5134)"

This reverts commit b840170f8d.

* Revert "Do not load javascripts for disabled plugins (#5103)"

This reverts commit a14ab48829.
2017-09-07 15:15:29 +02:00
David Taylor
a14ab48829 Do not load javascripts for disabled plugins (#5103)
* Do not load javascript for disabled plugins

* Appease rubocop
2017-09-06 10:06:47 +02:00
Guo Xiang Tan
9bc3038728 Fix Redis command errors when trying to start app with a readonly Redis. 2017-08-02 21:33:56 +09:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Robin Ward
0ba39109a0 FIX: Make omit_default_port the global default 2017-06-30 12:43:26 -04:00
Guo Xiang Tan
7ea288140d Allow multiple host when restricting Sidekiq queues. 2017-06-19 14:45:51 +09:00
Felix Freiberger
6729f032b0 Typofix in Onebox user_agent 2017-05-24 14:36:02 -04:00
Robin Ward
8bc93c0b01 FEATURE: Add custom User-Agent to Discourse Oneboxes 2017-05-24 12:19:36 -04:00
Sam
35bb4ae995 FIX: wizard was not showing up if more than 1 system user 2017-05-23 11:09:50 -04:00
Robin Ward
4c690f7089 Use FinalDestination to ensure public redirects for onebox 2017-05-22 16:42:49 -04:00
Sam
e7c2ad41ca Move discourse dev data out of tmp
Fix watch for restart so it works with puma
2017-05-18 11:36:24 -04:00
Guo Xiang Tan
f028d6cd52 Missed a spot when removing Sidekiq::Statistic. 2017-04-26 15:53:11 +08:00
Guo Xiang Tan
f499180bb3 Add ENV variable to only allow Sidekiq scheduler to run on a particular host. 2017-04-26 14:13:26 +08:00
Sam
a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Guo Xiang Tan
66a7b0c30b FIX: Add web hook DiscourseEvents in initializer. 2017-04-12 11:55:49 +08:00
Guo Xiang Tan
1a7e954e09 FIX: Store custom emojis as uploads.
* Depending on a hardcoded directory was a flawed design
  which made it impossible to debug when custom emojis go
  missing.
2017-03-14 13:07:18 +08:00
Neil Lalonde
0f1495e64e FIX: also add Discourse-Visible to allowed headers for message bus 2017-03-06 16:00:37 -05:00
Neil Lalonde
f9aae7af6a FIX: add Discourse-Visible to CORS allowed headers for sites that use a proxy 2017-03-06 14:41:57 -05:00
Neil Lalonde
954d75f81c FIX: CORS middleware needs to happen earlier than AnonymousCache middleware 2017-03-06 12:25:12 -05:00
Sam
1935f624b8 FEATURE: reset active record cache in sidekiq if needed
This can happen in multisite environments after restores
2017-02-17 12:09:53 -05:00
Sam
ff49f72ad9 FEATURE: per client user tokens
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Sam
a898d6a02a FIX: silence and quiet logger not thread safe
This caused info/warning to be consistently missing
in dev mode when using puma
2017-01-31 15:44:46 -05:00
Guo Xiang Tan
b8441fba27 Merge pull request #4546 from tgxworld/fix_postgresql_failover
Fix postgresql failover
2016-11-30 09:36:52 +01:00
Sam
3bec128f5f DEV: add warning if force_https in dev 2016-11-25 11:35:29 +11:00
Guo Xiang Tan
759feef3f0 FIX: No loggers may have been chained. 2016-11-17 13:52:08 +08:00
Sam
9848e26190 FIX: force secure cookies on session if force https is enabled 2016-10-27 15:15:58 +11:00
Robin Ward
c03d25f170 FEATURE: Configure Admin Account
Adds a "Step 0" to the wizard if the site has no admin accounts where
the user is prompted to finish setting up their admin account from the
list of acceptable email addresses.

Once confirmed, the wizard begins.
2016-10-19 11:27:56 -04:00
Guo Xiang Tan
596fcfeb58 FIX: Set formatter for original Rails logger. 2016-09-15 23:51:22 +08:00
Sam
50379183e1 FIX: allow the Dont-Chunk header for remote message bus access 2016-08-31 12:57:19 +10:00
Jeff Atwood
bb5dc839a0 extend existing log suppression for empty JS errors 2016-08-29 00:47:11 -07:00
Jeff Atwood
6fd3ebb253 don't log any JavaScript "errors" from IE 9 2016-08-29 00:35:01 -07:00
Sam
4fe52c8cbe FEATURE: backend support for pushing notifications to clients 2016-08-26 12:47:10 +10:00
Sam
846a08d3c7 FIX: improve error results for message bus failures 2016-08-25 15:39:39 +10:00
Guo Xiang Tan
dc2dae2cc4 FIX: Logs notice was not displaying the right Date. 2016-08-02 12:40:28 +08:00
Guo Xiang Tan
0ffe8402a9
FIX: SiteSettings not avaliable in initializers on dev env. 2016-07-04 11:15:29 +08:00
Guo Xiang Tan
42ce59d257
Partially revert https://github.com/discourse/discourse/commit/09b92dd3. 2016-07-01 01:28:49 +08:00
Guo Xiang Tan
8db3ab5f2a Merge pull request #4292 from tgxworld/rename_use_https_to_force_https
Rename `SiteSetting#use_https` to `force_https`.
2016-06-29 15:17:57 +08:00
Guo Xiang Tan
20359788dc
Rename SiteSetting#use_https to force_https. 2016-06-29 15:02:43 +08:00
Guo Xiang Tan
09b92dd345
Bump minimum Ruby version to 2.3. 2016-06-10 11:40:42 +08:00
Jeff Atwood
8b5dfeb18f ignore a few more common meaningless JS errs 2016-06-09 16:38:46 -07:00
Guo Xiang Tan
256d7a00e9 Update sprockets. (#4167)
* Update sass-rails.

* FIX: Tilt dependency has been removed from Ember::Handlebars::Template.

* Update `DiscourseIIFE` to new Sprockets API.

* `Rails.application.assets` returns `nil` in production.

* Move sprockets-rails out of the assets group.

* Pin ember-rails to 0.18.5 which works with Sprockets 3.x.

* Update sprockets to 3.6.0.

* Make `DiscourseSassCompiler` work with Sprockets 3.

* Use `Sass::Rails::SassImporterGlobbing` instead of haxxing our own.

* Moneky patch so that we don't add dependencies for our custom css.

* FIX: Missing class.

* Upgrade ember-handlebars-template.

* FIX: require path needs to share the same root as the folder's path.

* Bump discourse-qunit-rails.

* Update ember-template-compiler.js to 1.12.2.

* `prepend` is private in Ruby 2.0.0.
2016-04-18 10:47:52 +08:00
Neil Lalonde
3e5f2bd1cf FIX: replace reference to Google_oauth2 with Google during signup 2016-03-29 18:08:55 -04:00
Robin Ward
e407ef9d0e FIX: Also support nil values for the site settings 2016-03-24 11:14:17 -04:00
Robin Ward
b270e0142b FIX: If site settings are missing don't do anything 2016-03-24 11:12:54 -04:00
Guo Xiang Tan
5dc5767851 FIX: Assigning wrong value to variable. 2016-03-21 15:18:31 +08:00
Guo Xiang Tan
54bdcd9b98 Update to new rate limit Redis config. 2016-03-21 14:00:50 +08:00
Régis Hanol
1c19548e30 Merge pull request #4094 from fantasticfears/omniauth-config
FIX: redirect output omniauth log to Rails logger instead of stdout
2016-03-19 18:03:16 +01:00
Erick Guan
7df33ca287 FIX: redirect output omniauth log to Rails logger instead of stdout 2016-03-19 13:17:13 +01:00
Jeff Atwood
40d6f062f7 clarify why block all mobile/tablet for miniprofiler 2016-03-15 16:54:40 -07:00
Jeff Atwood
d052f1746c add support for other Nexus devices as "mobile" 2016-03-15 16:46:46 -07:00
Guo Xiang Tan
90fde5053d FIX: Load Redis patch much earlier. 2016-03-11 17:29:00 +08:00
Guo Xiang Tan
c07c474575 FEATURE: Master-Slave Redis configuration with fallback and switch over. 2016-03-11 12:18:58 +08:00
Neil Lalonde
b49e0e0f4a FIX: add path to cookie on subfolder installs 2016-03-07 13:40:21 -05:00
Guo Xiang Tan
f32f0d6337 Merge pull request #4017 from tgxworld/add_admin_banner_for_logster
FEATURE: Admin Banner when Logster logs is getting flooded.
2016-03-02 23:44:56 +08:00
Guo Xiang Tan
fdd6920ae7 FEATURE: Admin Banner when Logster logs is getting flooded. 2016-03-02 22:03:16 +08:00
Guo Xiang Tan
b500f35d14 Ignore ActionController::UnknownHttpMethod error in logs. 2016-02-24 12:58:23 +08:00
Sam Saffron
209b022385 PERF: cut down on memory usage allowed to redis
This limits the amount of backlog message bus channels can have.
2016-02-04 13:58:38 +11:00
Régis Hanol
737c606710 FIX: 'cancel_scheduled_job' wasn't working due to sidekiq upgrade 2016-01-13 09:08:26 +01:00
Sam
e451d47e84 Revert "PERF: send Content-Length from Rails on all requests"
This reverts commit ea0e238ae1.

Does not seem needed reverting
2016-01-08 11:36:32 +11:00
Sam Saffron
ea0e238ae1 PERF: send Content-Length from Rails on all requests 2016-01-07 21:15:55 +11:00
Sam
77f4461c51 we need to bypass this in dev 2015-12-09 16:41:09 +11:00
Sam
65edbb609c Revert "Revert message bus upgrade"
This reverts commit 47e718f5b2.
2015-12-09 11:48:41 +11:00
Sam
47e718f5b2 Revert message bus upgrade 2015-12-09 11:45:11 +11:00
Sam
d8795a5345 FIX: missing site id lookup causing message bus cross talk in multisite 2015-12-09 07:55:43 +11:00
Sam
2cc95af69b Revert "REVERT: message bus changes"
This reverts commit 4820d5c7b0.
2015-12-09 07:36:36 +11:00
Robin Ward
4820d5c7b0 REVERT: message bus changes 2015-12-08 15:32:31 -05:00
Sam
c866d5b42d Revert "Revert "PERF: move message bus to the front of the middleware stack""
This reverts commit cd1dd18f01.
2015-12-08 07:11:28 +11:00
Robin Ward
cd1dd18f01 Revert "PERF: move message bus to the front of the middleware stack"
I suspect this commit is preventing Sidekiq from running inprocess.
2015-12-07 14:57:23 -05:00
Sam
c04bcf8655 PERF: move message bus to the front of the middleware stack
Organise all initializers so they are properly ordered and use the same naming scheme
2015-12-07 14:51:24 +11:00
Robin Ward
5e93140f85 FEATURE: Can override any translation via an admin interface 2015-11-27 11:35:19 -05:00
Robin Ward
e168c5fde3 PERF: Much more performant, multisite aware I18n overrides 2015-11-19 16:36:59 -05:00
Robin Ward
1be4b6a8f5 Refresh I18n customizations on change 2015-11-17 16:15:09 -05:00
Robin Ward
3720783c1b Refactor to our own Discourse I18n backend
This removes some monkey patches and makes testing easier.
It will also support database backed I18n changes.
2015-11-13 16:35:02 -05:00
Sam
08ee367210 FIX: no keepalive tests for rake tasks, shell could be stalling threads 2015-09-29 10:17:56 +10:00
Gerhard Schlager
233bf9bc24 Always use locale fallback on server 2015-09-13 17:24:15 +02:00
Kane York
6119d9fdc0 FIX: Fallbacks for missing interpolation arguments
This takes effect when an interpolation is removed from a translation in
a Discourse update.

The I18n::Backend::Fallbacks loops with a catch(:exception), so calling
throw(:exception) will cause it to use the next locale, until it reaches
English which is assumed to be correct.

Also, enable fallbacks in everything except development (#3724 for more
discussion) - we should be able to test this
2015-09-11 09:39:40 -07:00
Sam
25fb684565 ensure statistic collection is on 2015-09-03 12:00:19 +10:00
Sam
2c59ad3dd3 FIX: favicon update broken when favicon lived on a CDN 2015-08-25 11:54:23 +10:00
Sam
d74d5c47ad FIX: admin not getting updates for topics in secure groups
(only where admin is missing explicit permissions)
2015-08-25 09:25:39 +10:00
Sam
2203a4147d add some extra diagnostics 2015-08-19 16:58:25 +10:00
Sam
82a6176b08 lower the volume on failed to pull hotlinked image
add more diagnostics
2015-08-19 12:32:45 +10:00
Sam
b703af3d37 Skip 403 forbidden as well 2015-08-18 17:48:54 +10:00
Sam
f1398f0650 another hotlinked image whitelist 2015-08-18 17:41:39 +10:00
Sam
45adeacd45 ignore empty script errors, line 0 gives us nothing. 2015-08-18 17:06:07 +10:00
Sam
ffe06fbcb5 whitelist 404 pull hotlinked image 2015-08-18 17:06:07 +10:00
Sam
f06137003b logster needs application version 2015-08-17 16:54:44 +10:00
Sam
c711c06bb8 FIX: stop double reporting errors that were already reported 2015-08-14 12:51:23 +10:00
Robin Ward
9911e92e24 Merge pull request #3609 from riking/patch-7
FEATURE: Localization fallbacks
2015-07-30 10:44:29 -04:00
Sam
d7e7ae33ea FIX: IE9 and 10 were getting white screen, due to ES6 usage 2015-07-17 12:43:45 +10:00
Kane York
650eb86a74 Disable in development (server) 2015-07-15 10:17:36 -07:00
Kane York
ecfa17b5a7 FEATURE: Localization fallbacks (server-side)
The FallbackLocaleList object tells I18n::Backend::Fallbacks what order the
languages should be attempted in. Because of the translate_accelerator patch,
the SiteSetting.default_locale is *not* guaranteed to be fully loaded after the
server starts, so a call to ensure_loaded! is added after the locale is set for
the current user.

The declarations of config.i18n.fallbacks = true in the environment files were
actually garbage, because the I18n.default_locale was
SiteSetting.default_locale, so there was nothing to fall back to. *derp*
2015-07-15 10:17:36 -07:00
Sam
e516036492 correct broken specs 2015-07-09 17:05:15 +10:00
Sam
8252f4e110 FEATURE: allow use of redis sentinel via redis_sentinels
Use: DISCOURSE_REDIS_SENTINELS and DISCOURSE_REDIS_HOST to configure redis
sentinel
2015-06-25 16:51:48 +10:00
Sam Saffron
57e82ceac7 PERF: production assets not minified
source url post processor forcing all scripts into an eval,
  minifier can not minify such files
2015-06-11 16:41:39 +10:00
Sam Saffron
9b489506d0 update memory profiler, oj and lru redux 2015-06-05 01:39:38 +10:00
Sam
3f24e18df0 stop logging badrequest, its just bad urls entered 2015-05-27 13:46:15 +10:00
Sam
f26fef4340 silence ar not found 2015-05-19 09:32:27 +10:00
Aaron Boushley
60aa52b753 Enable CORS requests to pass necessary headers.
To fully enable session deletion over CORS we need support for passing the
`X-Requested-With` header so that these requests can pass the `check-xhr` filter.

I also allowed the `X-CSRF-Token` to enable the alternative CSRF passing syntax.
2015-05-14 09:46:41 -07:00
Robin Ward
963b08f063 Allow OPTIONS requests when CORS is enabled 2015-05-14 11:14:47 -04:00
Sam
d6c06eb547 Get rid of CSRF errors 2015-05-07 10:42:21 +10:00
Sam
cea9cfe49f remove alihack 2015-05-06 16:59:41 +10:00
Sam
2f82caafa2 Add ignore for another type of not found 2015-05-06 16:21:59 +10:00